---
layout: docs
page_title: Register external plugins
description: >-
  Register and enable an external plugin with Vault
---

# Register and enable external plugins

An external plugin is any authentication or secrets plugin build from external
code. Vault pre-registers commonly used external plugins (like `kv`), but you
must manually add other external plugins to the Vault plugin catalog before you
can use them with your Vault installation.

If you register an external plugin with the same name as a pre-registered plugin,
Vault defaults to the manually registered plugin when you enable a new mount
with that name.


## Before you start 

- **To register enterprise plugins, you have Vault v1.16.16+, 1.17.12+, 1.18.5+,
  or 1.19.x+**.
- **You must have admin permissions for Vault**. Specifically, you must be able
  to run `plugin register` and the appropriate `enable` command.
- **You must have
  [`plugin_directory`](/vault/docs/configuration#plugin_directory) set in your
  Vault configuration file**.
- **You must have the plugin binary or zip file saved to the location set in
  `plugin_directory`**. 
- **You must have [`api_addr`](/vault/docs/configuration#api_addr) set in your
  Vault configuration file**.


## Step 1: Update the plugin catalog

You must register your external plugin with the Vault catalog before enabling
it. Registering plugins ensures the plugin invoked by Vault is authentic and
maintains integrity.

@include 'plugins/register.mdx'


## Step 2: Enable the plugin

Enable the plugin to make it available to clients.

@include 'plugins/enable.mdx'


## Step 3: Verify the plugin status

Verify the plugin is ready for use and running the correct version.

@include 'plugins/verify-status.mdx'